<meta charset="UTF-8">
<?php

/* 
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
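/**
 * Checkout handler: turns the cart kept in the session into rows of the Orders
 * table, reduces the matching Store stock, then sends the browser back to
 * cart.php.
 *
 * @todo Reject an order whose quantity exceeds the stock on hand.
 * @todo Rework how orders are stored: consider keeping separate user-side and
 *       admin-side records. Users can then look up their orders at any time
 *       and admins can derive sales figures from order statistics, without a
 *       deletion on one side affecting the other. Alternatively add a flag
 *       marking a row as deleted by the user or by the admin. Decide after
 *       looking at real usage.
 *
 * NOTE(review): this script changes state on POST but checks no CSRF token;
 * confirm whether the form that posts here carries one and verify it here.
 */

// NOTE(review): the <meta> tag above the opening PHP tag is output sent before
// session_start() runs; unless output buffering is enabled, PHP can no longer
// send the session cookie header at that point.
session_start();

// Shipping details come straight from the order form and are untrusted.
$address = isset($_POST['address']) ? $_POST['address'] : null;
$receiver = isset($_POST['receiver']) ? $_POST['receiver'] : null;
$shfs = isset($_POST['shfs']) ? $_POST['shfs'] : null; // stored in Orders.receive_method

$name = isset($_SESSION['username']) ? $_SESSION['username'] : null;
$date = date("Y-m-j H:i:s");

// Refuse requests without a logged-in user or with missing / non-string fields
// (a field posted as "address[]" arrives as an array).
if (!is_string($address) || !is_string($receiver) || !is_string($shfs)
    || !is_string($name) || $name === '') {
    exit('Invalid order request.');
}

include("conn/conn.php");

$conn = prepare();

// exectue_sql_statement() is only called in this file with a finished SQL
// string, which forces values to be spliced into the statement text. The
// statements below are sent with sqlsrv_query() and bound parameters instead,
// so form and session values can never change the shape of the query.
// NOTE(review): assumes prepare() returns the sqlsrv connection resource; the
// original already fed the helper's result to sqlsrv_fetch_array() - confirm.
$memberStmt = sqlsrv_query(
    $conn,
    "select members_id from Members where members_name = ?",
    array($name)
);
$info = ($memberStmt === false) ? null : sqlsrv_fetch_array($memberStmt);
if (!is_array($info) || !isset($info['members_id'])) {
    // Unknown member or failed lookup: never build an order without an owner.
    exit('Invalid order request.');
}
$members_id = $info['members_id'];

// The cart is stored as two "@"-separated lists. The original loop ignored the
// last piece of booklist (presumably the empty piece after a trailing "@"), so
// that piece is dropped here as well.
$rawBooks = isset($_SESSION['booklist']) ? (string) $_SESSION['booklist'] : '';
$rawQuantities = isset($_SESSION['quantity']) ? (string) $_SESSION['quantity'] : '';
$arraybook = array_slice(explode("@", $rawBooks), 0, -1);
$arrayquantity = explode("@", $rawQuantities);

// Validate every cart line before anything is written. The original placed
// both values unquoted into the SQL text, so they had to be numeric; integers
// are assumed here - confirm against the schema. A quantity below 1 is
// rejected because a negative one would raise the stock level.
$orderLines = array();
foreach ($arraybook as $i => $rawBookId) {
    $book_id = filter_var($rawBookId, FILTER_VALIDATE_INT);
    $num = isset($arrayquantity[$i])
        ? filter_var($arrayquantity[$i], FILTER_VALIDATE_INT)
        : false;
    if ($book_id === false || $num === false || $num < 1) {
        exit('Invalid order request.');
    }
    $orderLines[] = array($book_id, $num);
}

// One transaction for the whole cart: either every order row and every stock
// change is stored, or none of them is.
if (!sqlsrv_begin_transaction($conn)) {
    error_log('order submit: begin transaction failed: ' . print_r(sqlsrv_errors(), true));
    exit('Order could not be saved.');
}

foreach ($orderLines as $orderLine) {
    list($book_id, $num) = $orderLine;

    $inserted = sqlsrv_query(
        $conn,
        "insert into Orders(book_id, orders_amount, members_id, receiver_name, orders_address, receive_method, orders_date) values (?, ?, ?, ?, ?, ?, ?)",
        array($book_id, $num, $members_id, $receiver, $address, $shfs, $date)
    );

    // Decrement inside the statement instead of read-then-write, so two
    // concurrent checkouts cannot overwrite each other's stock change. This
    // also restores the space that was missing before "where" in the original
    // concatenated update.
    $updated = ($inserted === false) ? false : sqlsrv_query(
        $conn,
        "update Store set book_amount = book_amount - ? where book_id = ?",
        array($num, $book_id)
    );

    if ($inserted === false || $updated === false) {
        // Driver details go to the server log only, never to the browser.
        error_log('order submit: statement failed: ' . print_r(sqlsrv_errors(), true));
        sqlsrv_rollback($conn);
        exit('Order could not be saved.');
    }
}

if (!sqlsrv_commit($conn)) {
    error_log('order submit: commit failed: ' . print_r(sqlsrv_errors(), true));
    sqlsrv_rollback($conn);
    exit('Order could not be saved.');
}

/**
 * @remark Artificial delay that makes it look as if the order is being
 *         processed in the background.
 *         NOTE(review): every request keeps a PHP worker and the session lock
 *         busy for these three seconds.
 */
sleep(3);

// The cart has been turned into orders; empty it.
$_SESSION['booklist'] = "";
$_SESSION['quantity'] = "";

echo"<script>alert('订单提交成功!');window.location.href='cart.php';</script>";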
?>